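/// <summary>
/// Handles the Inject button. When <c>openNew</c> is set, launches
/// <c>activeExe</c> and loads the selected DLL into it; otherwise loads the
/// DLL into the currently selected process.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void bInject_Click(object sender, EventArgs e)
{
    // NOTE(review): File.Exists resolves a relative path against this
    // process's working directory, while the path string is later resolved
    // inside the target process. An absolute path keeps the two in agreement.
    if (openNew)
    {
        if (!File.Exists(activeExe))
        {
            msg("No executable to launch");
            return;
        }

        if (!File.Exists(tbDllResult.Text))
        {
            msg("No DLL found to inject");
            return;
        }

        try
        {
            DLLInformation dll = i.inject(activeExe, tbDllResult.Text);
            if (dll.ErrorCode == 0)
            {
                // GetProcessById throws if the new process has already exited;
                // the catch below reports that as a failed injection.
                activeProcess = new ProcessWrapper(Process.GetProcessById(dll.ProcID));
                activeProcess.InjectedList.Add(dll);
                openNew = false;
                updateSelected();
            }
            else
            {
                msg("Injection failed");
            }
        }
        catch
        {
            msg("Injection failed");
        }

        return;
    }

    if (activeProcess == null)
    {
        msg("No process selected");
        return;
    }

    // The launch branch already validated the DLL path; the attach branch did
    // not, so a missing file could still be recorded in InjectedList because
    // commonInject does not inspect the loader's result.
    if (!File.Exists(tbDllResult.Text))
    {
        msg("No DLL found to inject");
        return;
    }

    var res = i.inject(activeProcess.Process.Id, tbDllResult.Text);
    if (res.ErrorCode == 0)
    {
        activeProcess.InjectedList.Add(res);
        updateSelected();
    }
    else
    {
        msg("Injection failed");
    }
}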
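/// <summary>
/// Opens the process identified by <paramref name="pid"/> and asks
/// <c>commonInject</c> to load <paramref name="dllPath"/> into it.
/// </summary>
/// <param name="pid">Identifier of the target process.</param>
/// <param name="dllPath">Path of the DLL to load.</param>
/// <returns>
/// A <c>DLLInformation</c> whose <c>ErrorCode</c> carries the result of
/// <c>commonInject</c> (0 on success).
/// </returns>
public DLLInformation inject(int pid, string dllPath)
{
    DLLInformation d = new DLLInformation();
    d.ProcID = pid;

    // 0x000F0000 | 0x00100000 | 0xFFF is the legacy PROCESS_ALL_ACCESS mask
    // (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | 0xFFF).
    // NOTE(review): full access is broader than the operations performed on
    // the handle; consider a narrower mask.
    IntPtr hProcess = OpenProcess((int)(0x000F0000L | 0x00100000L | 0xFFF), false, pid);
    try
    {
        d.ErrorCode = commonInject(hProcess, dllPath, ref d);
    }
    finally
    {
        // The handle is not stored in d and was previously never closed,
        // leaking one process handle per call.
        if (hProcess != IntPtr.Zero && hProcess != new IntPtr(-1))
        {
            CloseHandle(hProcess);
        }
    }

    return d;
}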
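/// <summary>
/// Opens the process identified by <paramref name="pid"/> and asks
/// <c>commonInject</c> to load <paramref name="dllPath"/> into it.
/// </summary>
/// <param name="pid">Identifier of the target process.</param>
/// <param name="dllPath">Path of the DLL to load.</param>
/// <returns>
/// A <c>DLLInformation</c> whose <c>ErrorCode</c> carries the result of
/// <c>commonInject</c> (0 on success).
/// </returns>
public DLLInformation inject(int pid, string dllPath)
{
    DLLInformation d = new DLLInformation();
    d.ProcID = pid;

    // Legacy PROCESS_ALL_ACCESS: STANDARD_RIGHTS_REQUIRED (0x000F0000)
    // | SYNCHRONIZE (0x00100000) | 0xFFF.
    // NOTE(review): this requests every process right; a narrower mask would
    // follow least privilege.
    IntPtr hProcess = OpenProcess((int)(0x000F0000L | 0x00100000L | 0xFFF), false, pid);
    try
    {
        d.ErrorCode = commonInject(hProcess, dllPath, ref d);
    }
    finally
    {
        // Release the process handle; the original left it open after every call.
        if (hProcess != IntPtr.Zero && hProcess != new IntPtr(-1))
        {
            CloseHandle(hProcess);
        }
    }

    return(d);
}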
/// <summary>
/// Writes <paramref name="dllPath"/> into memory allocated in the process
/// behind <paramref name="hProcess"/>, starts a remote thread at the address
/// of LoadLibraryA with that memory as its argument, waits for the thread and
/// stores its exit code in <c>d.DllHandle</c>.
/// </summary>
/// <remarks>
/// This allocate / write / remote-thread sequence is the pattern endpoint
/// security products commonly monitor as remote-thread DLL loading.
/// </remarks>
/// <param name="hProcess">Handle to the target process, opened by the caller.</param>
/// <param name="dllPath">Path string handed to LoadLibraryA in the target.</param>
/// <param name="d">Record to fill in; created here when null.</param>
/// <returns>
/// 0 on success; 1 bad process handle; 2 allocation failed; 3 write failed;
/// 4 thread creation failed; 5 exit code unavailable; -1 on any exception.
/// </returns>
private int commonInject(IntPtr hProcess, string dllPath, ref DLLInformation d)
{
    try
    {
        if (d == null)
        {
            d = new DLLInformation();
        }
        d.DllPath = dllPath;

        // NOTE(review): IntPtr is a struct, so "== null" is never true. Win32
        // OpenProcess reports failure as a zero handle, which the -1 test does
        // not catch; a failed open falls through to the allocation check.
        // ToInt32 also throws OverflowException on 64-bit when the value does
        // not fit, which the bare catch turns into -1.
        if (hProcess == null || hProcess.ToInt32() == -1)
        {
            return(1);
        }

        // NOTE(review): the size is dllPath.Length with no room for a
        // terminating NUL; termination presumably relies on the committed
        // region being zero-filled and page-rounded -- confirm.
        IntPtr memory = VirtualAllocEx(hProcess, new IntPtr(0), (uint)dllPath.Length, AllocationType.Commit, MemoryProtection.ReadWrite);
        if (memory == null || memory.ToInt32() == 0)
        {
            return(2);
        }

        UIntPtr p;
        // ASCII encoding replaces non-ASCII characters with '?', so such a
        // path reaches the target altered.
        byte[] data = Encoding.ASCII.GetBytes(dllPath);
        if (!WriteProcessMemory(hProcess, memory, data, (uint)dllPath.Length, out p))
        {
            // NOTE(review): returns without releasing "memory".
            return(3);
        }

        uint x = 0;
        // Address of LoadLibraryA as resolved in THIS process; ToUInt32 keeps
        // only 32 bits.
        IntPtr loc = new IntPtr(GetProcAddress(GetModuleHandle("KERNEL32.DLL"), "LoadLibraryA").ToUInt32());
        IntPtr hThread = CreateRemoteThread(hProcess, new IntPtr(0), 0, loc, memory, 0, out x);
        // NOTE(review): CreateRemoteThread signals failure with a zero handle,
        // not -1, so this check does not detect it.
        if (hThread == null || hThread.ToInt32() == -1)
        {
            return(4);
        }

        // uint.MaxValue is INFINITE: the calling thread blocks until the
        // remote thread ends.
        WaitForSingleObject(hThread, uint.MaxValue);
        uint exitCode;
        if (!GetExitCodeThread(hThread, out exitCode))
        {
            // NOTE(review): hThread and "memory" are not released on this path.
            return(5);
        }

        // The exit code is the 32-bit return of LoadLibraryA. Zero means the
        // load failed, yet it is stored and reported as success below.
        d.DllHandle = exitCode;
        CloseHandle(hThread);
        // NOTE(review): if FreeType.Release maps to MEM_RELEASE, Win32
        // requires a size of 0, so this call would fail and leave the region
        // allocated; its return value is ignored -- confirm the enum mapping.
        VirtualFreeEx(hProcess, memory, dllPath.Length + 1, FreeType.Release);
        d.IsInjected = true;
        return(0);
    }
    catch
    {
        // Any exception, including the overflow cases above, collapses to -1.
        return(-1);
    }
}
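/// <summary>
/// Starts <paramref name="exePath"/> as a new process, opens a handle to it
/// and asks <c>commonInject</c> to load <paramref name="dllPath"/> into it.
/// </summary>
/// <param name="exePath">Path of the executable to launch.</param>
/// <param name="dllPath">Path of the DLL to load.</param>
/// <returns>
/// A <c>DLLInformation</c> with <c>ProcID</c> set to the new process id and
/// <c>ErrorCode</c> set to the result of <c>commonInject</c> (0 on success).
/// </returns>
public DLLInformation inject(string exePath, string dllPath)
{
    DLLInformation d = new DLLInformation();
    STARTUPINFO lpStartupInfo = new STARTUPINFO();
    PROCESS_INFORMATION lpProcessInfo = new PROCESS_INFORMATION();
    SECURITY_ATTRIBUTES lpSecurityAttributes1 = new SECURITY_ATTRIBUTES();
    SECURITY_ATTRIBUTES lpSecurityAttributes2 = new SECURITY_ATTRIBUTES();
    lpSecurityAttributes1.nLength = Marshal.SizeOf(lpSecurityAttributes1);
    lpSecurityAttributes2.nLength = Marshal.SizeOf(lpSecurityAttributes2);

    // 0x0020 is NORMAL_PRIORITY_CLASS.
    // NOTE(review): the result of CreateProcess is ignored; on failure
    // dwProcessId stays at its default and the error only surfaces later
    // inside commonInject. The handles Win32 returns in lpProcessInfo are
    // not closed here either.
    CreateProcess(exePath, "", ref lpSecurityAttributes1, ref lpSecurityAttributes2, false, 0x0020, IntPtr.Zero, null, ref lpStartupInfo, out lpProcessInfo);

    // Legacy PROCESS_ALL_ACCESS mask; broader than the operations performed.
    IntPtr hProcess = OpenProcess((int)(0x000F0000L | 0x00100000L | 0xFFF), false, lpProcessInfo.dwProcessId);
    d.ProcID = lpProcessInfo.dwProcessId;
    try
    {
        d.ErrorCode = commonInject(hProcess, dllPath, ref d);
    }
    finally
    {
        // The handle from OpenProcess was previously leaked on every call.
        if (hProcess != IntPtr.Zero && hProcess != new IntPtr(-1))
        {
            CloseHandle(hProcess);
        }
    }

    return d;
}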
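/// <summary>
/// Starts <paramref name="exePath"/> as a new process, opens a handle to it
/// and asks <c>commonInject</c> to load <paramref name="dllPath"/> into it.
/// </summary>
/// <param name="exePath">Path of the executable to launch.</param>
/// <param name="dllPath">Path of the DLL to load.</param>
/// <returns>
/// A <c>DLLInformation</c> with <c>ProcID</c> set to the new process id and
/// <c>ErrorCode</c> set to the result of <c>commonInject</c> (0 on success).
/// </returns>
public DLLInformation inject(string exePath, string dllPath)
{
    DLLInformation d = new DLLInformation();
    STARTUPINFO lpStartupInfo = new STARTUPINFO();
    PROCESS_INFORMATION lpProcessInfo = new PROCESS_INFORMATION();
    SECURITY_ATTRIBUTES lpSecurityAttributes1 = new SECURITY_ATTRIBUTES();
    SECURITY_ATTRIBUTES lpSecurityAttributes2 = new SECURITY_ATTRIBUTES();
    lpSecurityAttributes1.nLength = Marshal.SizeOf(lpSecurityAttributes1);
    lpSecurityAttributes2.nLength = Marshal.SizeOf(lpSecurityAttributes2);

    // Creation flag 0x0020 is NORMAL_PRIORITY_CLASS.
    // NOTE(review): CreateProcess's result is discarded, so a failed launch
    // is only noticed indirectly, and the handles Win32 places in
    // lpProcessInfo are never closed.
    CreateProcess(exePath, "", ref lpSecurityAttributes1, ref lpSecurityAttributes2, false, 0x0020, IntPtr.Zero, null, ref lpStartupInfo, out lpProcessInfo);

    // Legacy PROCESS_ALL_ACCESS mask; more rights than this code needs.
    IntPtr hProcess = OpenProcess((int)(0x000F0000L | 0x00100000L | 0xFFF), false, lpProcessInfo.dwProcessId);
    d.ProcID = lpProcessInfo.dwProcessId;
    try
    {
        d.ErrorCode = commonInject(hProcess, dllPath, ref d);
    }
    finally
    {
        // Close the OpenProcess handle instead of leaking it.
        if (hProcess != IntPtr.Zero && hProcess != new IntPtr(-1))
        {
            CloseHandle(hProcess);
        }
    }

    return(d);
}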
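/// <summary>
/// Unloads a previously loaded DLL by running FreeLibrary on a remote thread
/// in the process recorded in <paramref name="d"/>, passing
/// <c>d.DllHandle</c> as the module handle.
/// </summary>
/// <param name="d">Record produced by an earlier inject call.</param>
/// <returns>
/// 0 on success; -2 if <c>d.IsInjected</c> is false; 1 if the process could
/// not be opened; 2 if the remote thread could not be created; 3 if its exit
/// code could not be read; -1 on any exception (including a null
/// <paramref name="d"/>).
/// </returns>
public int unject(DLLInformation d)
{
    IntPtr hProcess = IntPtr.Zero;
    IntPtr hThread = IntPtr.Zero;
    IntPtr invalid = new IntPtr(-1);
    try
    {
        if (!d.IsInjected)
        {
            return(-2);
        }

        // Legacy PROCESS_ALL_ACCESS mask (STANDARD_RIGHTS_REQUIRED |
        // SYNCHRONIZE | 0xFFF); broader than the operations performed.
        hProcess = OpenProcess((int)(0x000F0000L | 0x00100000L | 0xFFF), false, d.ProcID);

        // OpenProcess reports failure with a zero handle. The original tested
        // "== null" (never true for the IntPtr struct) and -1 only, so a
        // failed open was not caught here.
        if (hProcess == IntPtr.Zero || hProcess == invalid)
        {
            return(1);
        }

        uint x = 0;
        // Address of FreeLibrary as resolved in this process; ToUInt32 keeps
        // only 32 bits and throws on overflow, which the catch maps to -1.
        IntPtr loc = new IntPtr(GetProcAddress(GetModuleHandle("KERNEL32.dll"), "FreeLibrary").ToUInt32());
        hThread = CreateRemoteThread(hProcess, new IntPtr(0), 0, loc, new IntPtr(d.DllHandle), 0, out x);
        if (hThread == IntPtr.Zero || hThread == invalid)
        {
            return(2);
        }

        // uint.MaxValue is INFINITE: blocks until the remote thread ends.
        WaitForSingleObject(hThread, uint.MaxValue);
        uint exitCode;
        if (!GetExitCodeThread(hThread, out exitCode))
        {
            return(3);
        }

        // NOTE(review): exitCode is FreeLibrary's result; zero means the
        // unload failed, but it is not inspected before clearing the flag.
        d.IsInjected = false;
        return(0);
    }
    catch
    {
        return(-1);
    }
    finally
    {
        // Close on every path; the original leaked both handles on the
        // error returns.
        if (hThread != IntPtr.Zero && hThread != invalid)
        {
            CloseHandle(hThread);
        }

        if (hProcess != IntPtr.Zero && hProcess != invalid)
        {
            CloseHandle(hProcess);
        }
    }
}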
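/// <summary>
/// Unloads a previously loaded DLL by running FreeLibrary on a remote thread
/// in the process recorded in <paramref name="d"/>, passing
/// <c>d.DllHandle</c> as the module handle.
/// </summary>
/// <param name="d">Record produced by an earlier inject call.</param>
/// <returns>
/// 0 on success; -2 if <c>d.IsInjected</c> is false; 1 if the process could
/// not be opened; 2 if the remote thread could not be created; 3 if its exit
/// code could not be read; -1 on any exception (including a null
/// <paramref name="d"/>).
/// </returns>
public int unject(DLLInformation d)
{
    IntPtr hProcess = IntPtr.Zero;
    IntPtr hThread = IntPtr.Zero;
    IntPtr invalid = new IntPtr(-1);
    try
    {
        if (!d.IsInjected)
        {
            return -2;
        }

        // Legacy PROCESS_ALL_ACCESS mask; more rights than this code needs.
        hProcess = OpenProcess((int)(0x000F0000L | 0x00100000L | 0xFFF), false, d.ProcID);

        // A failed OpenProcess yields a zero handle. The previous
        // "== null || ToInt32() == -1" test never matched that case.
        if (hProcess == IntPtr.Zero || hProcess == invalid)
        {
            return 1;
        }

        uint x = 0;
        // FreeLibrary's address is taken from this process's KERNEL32 and
        // narrowed to 32 bits by ToUInt32.
        IntPtr loc = new IntPtr(GetProcAddress(GetModuleHandle("KERNEL32.dll"), "FreeLibrary").ToUInt32());
        hThread = CreateRemoteThread(hProcess, new IntPtr(0), 0, loc, new IntPtr(d.DllHandle), 0, out x);
        if (hThread == IntPtr.Zero || hThread == invalid)
        {
            return 2;
        }

        // INFINITE wait: the caller blocks until the remote thread exits.
        WaitForSingleObject(hThread, uint.MaxValue);
        uint exitCode;
        if (!GetExitCodeThread(hThread, out exitCode))
        {
            return 3;
        }

        // NOTE(review): a zero exitCode means FreeLibrary failed; the flag is
        // cleared regardless.
        d.IsInjected = false;
        return 0;
    }
    catch
    {
        return -1;
    }
    finally
    {
        // Handles are released on all paths; the early returns used to leak them.
        if (hThread != IntPtr.Zero && hThread != invalid)
        {
            CloseHandle(hThread);
        }

        if (hProcess != IntPtr.Zero && hProcess != invalid)
        {
            CloseHandle(hProcess);
        }
    }
}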
/// <summary>
/// Writes <paramref name="dllPath"/> into memory allocated in the process
/// behind <paramref name="hProcess"/>, starts a remote thread at the address
/// of LoadLibraryA with that memory as its argument, waits for the thread and
/// stores its exit code in <c>d.DllHandle</c>.
/// </summary>
/// <remarks>
/// This allocate / write / remote-thread sequence is the pattern endpoint
/// security products commonly monitor as remote-thread DLL loading.
/// </remarks>
/// <param name="hProcess">Handle to the target process, opened by the caller.</param>
/// <param name="dllPath">Path string handed to LoadLibraryA in the target.</param>
/// <param name="d">Record to fill in; created here when null.</param>
/// <returns>
/// 0 on success; 1 bad process handle; 2 allocation failed; 3 write failed;
/// 4 thread creation failed; 5 exit code unavailable; -1 on any exception.
/// </returns>
private int commonInject(IntPtr hProcess, string dllPath, ref DLLInformation d)
{
    try
    {
        if (d == null) d = new DLLInformation();
        d.DllPath = dllPath;

        // NOTE(review): "== null" is never true for the IntPtr struct, and a
        // failed OpenProcess yields a zero handle rather than -1, so this
        // guard misses it. ToInt32 can throw OverflowException on 64-bit;
        // the bare catch maps that to -1.
        if (hProcess == null || hProcess.ToInt32() == -1)
        {
            return 1;
        }

        // NOTE(review): sized to dllPath.Length, without a terminating NUL;
        // presumably relies on zero-filled, page-rounded commits -- confirm.
        IntPtr memory = VirtualAllocEx(hProcess, new IntPtr(0), (uint)dllPath.Length, AllocationType.Commit, MemoryProtection.ReadWrite);
        if (memory == null || memory.ToInt32() == 0)
        {
            return 2;
        }

        UIntPtr p;
        // Non-ASCII characters become '?' under ASCII encoding.
        byte[] data = Encoding.ASCII.GetBytes(dllPath);
        if (!WriteProcessMemory(hProcess, memory, data, (uint)dllPath.Length, out p))
        {
            // NOTE(review): "memory" is not released on this path.
            return 3;
        }

        uint x = 0;
        // LoadLibraryA's address comes from this process's KERNEL32 and is
        // narrowed to 32 bits by ToUInt32.
        IntPtr loc = new IntPtr(GetProcAddress(GetModuleHandle("KERNEL32.DLL"), "LoadLibraryA").ToUInt32());
        IntPtr hThread = CreateRemoteThread(hProcess, new IntPtr(0), 0, loc, memory, 0, out x);
        // NOTE(review): failure is a zero handle, which this test does not match.
        if (hThread == null || hThread.ToInt32() == -1)
        {
            return 4;
        }

        // uint.MaxValue is INFINITE: the caller blocks until the thread ends.
        WaitForSingleObject(hThread, uint.MaxValue);
        uint exitCode;
        if (!GetExitCodeThread(hThread, out exitCode))
        {
            // NOTE(review): hThread and "memory" are not released on this path.
            return 5;
        }

        // 32-bit return value of LoadLibraryA; zero (load failed) is still
        // recorded as a successful injection below.
        d.DllHandle = exitCode;
        CloseHandle(hThread);
        // NOTE(review): if FreeType.Release is MEM_RELEASE, Win32 requires
        // size 0, so this call would fail silently -- confirm the mapping.
        VirtualFreeEx(hProcess, memory, dllPath.Length + 1, FreeType.Release);
        d.IsInjected = true;
        return 0;
    }
    catch
    {
        // Every exception, including the overflow cases above, becomes -1.
        return -1;
    }
}